CyberSec.Space Logo
CVEブラウザに戻る

CVE-2005-2716

HIGH
7.5
CVSS Severity Score
EPSS Score0.1190%
EPSS Percentile4.53th
Published2005年8月29日
Last Modified2026年4月16日

Vulnerability Description

The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name.

Affected Platforms (CPE)

📦
Nokia

Affix

= 2.1.2
📦
Nokia

Affix

= 3.2.0

References & Advisories

🔗 http://affix.sourceforge.net/patch_btsrv_affix_2_1_2
🔗 http://affix.sourceforge.net/patch_btsrv_affix_3_2_0
🔗 http://marc.info/?l=bugtraq&m=112511370326063&w=2
🔗 http://secunia.com/advisories/16574/
🔗 http://www.debian.org/security/2005/dsa-796
🔗 http://www.digitalmunition.com/DMA%5B2005-0826a%5D.txt
🔗 http://www.securityfocus.com/bid/14672
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/22034

関連する脆弱性情報

CVE-2005-227710.0

Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metach...

CVE-2005-22507.5

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code v...

CVE-2005-12947.2

The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket ca...

CVE-2018-206776.1

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.